Recently I bought a SR520-FE. And it works fine untill I do the following…
Setup is as follows:
Vlan 75 DHCP enabled with 192.168.22.x
Vlan 70 DHCP enabled with 192.168.75.x
When I create a second Vlan with number 70 on the sr520 and “connect” it to FE1 together with a second DHCP scoop with IP range 192.168.75.x, and I create a second Vlan on my switch and connect this to the SR520, see the picture then al the systems in the network are unable to connect to the internet.
I guess client plugging into vlan 2 on the switch are gettting DHCP scope of 192.168.75.x ?
I guess that Switch port FE1 on the SR520 is configured as a untagged or mode access port ? (it has to be)
I guess you have a NAT and firewall setup for this new interface on the SR520 ?
I guess you have set the switch ports leading to the SR520 as access (non tagged) ports ?
I must admit I personally prefer to have a tagged uplink going from a switch to a tagged port on the router.
The defaults vlan on the switch and router being untagged , whilst subsequent vlans are tagged . But I guess from your description you don't have a spanning treee loop or broadcast storm in the switch. But the thing you lack is client in vlan2 being able to access the internet.
My approach might be to;
Step 1. simplify the network and only use the router
You have two vlans on the router,
When you plug a PC in the router ports , default VLAN and VLAN 70, do the PCs get different allocation of DHCP scopes, or to word it another way do they get a IP address from 192.168.22.x and 192.168.75.x respectively ?
Step 2. Can these PC ping a internet IP address ?
Step 3. Can the PC ping a URL or bring up a web page or can the PC's resolve DNS addresses ?
Yes - then problem is most likely in the switch configuration.
no - Nat and firewall or ACL list may be setup correctly.
Let's see some of the answers to these questions.
Could be interesting to capture a show tech on the SR520-FE, and post it (maybe hide the WAN IP address)
When you choose the Switch Smart Port mode, it configures the port as a VLAN trunk. In this mode, the port can handle traffic without VLAN tags - in what is called the native VLAN and tagged frames, which belong to VLANs.
I suggest that you only use the cable connected to FE1 as Dave suggests - loose the other one - and ensure the port on the switch to which it is connected is configured as a trunk too (with the same native VLAN at both ends).
Configure DHCP WAN Settings on the RV34x Router
A Wide Area Network (WAN) is a network that covers a broad area. A user or network of users can connect to the Internet through an Internet Service Provider (ISP) who offer...
Configure Static IP WAN Settings on the RV34x Router
A Wide Area Network (WAN) is a network that covers a broad area. A user or network of users can connect to the Internet through an Internet Service Provider (ISP) who ...